RequestProcessingUtils.java example

Explorer
coprhd-controller-master
/*
 * Copyright (c) 2013 EMC Corporation
 * All Rights Reserved
 */
package com.emc.storageos.security.authentication;

import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URLDecoder;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.emc.storageos.keystone.KeystoneConstants;
import com.emc.storageos.svcs.errorhandling.resources.APIException;

/**
 * Utilities class for request processing common constants and coding
 * patterns, related to bourne tokens.
 */
public class RequestProcessingUtils {
    private static final Logger _log = LoggerFactory.getLogger(RequestProcessingUtils.class);
    public static final String REDIRECT_FROM_AUTHSVC = "auth-redirected";
    public static final String KEYSTONE_AUTH_TOKEN_HEADER =  KeystoneConstants.AUTH_TOKEN;
    public static final String AUTH_TOKEN_HEADER = "X-SDS-AUTH-TOKEN";
    public static final String AUTH_PORTAL_TOKEN_HEADER = "X-SDS-PORTAL-AUTH-TOKEN";
    public static final String AUTH_PROXY_TOKEN_HEADER = "X-SDS-AUTH-PROXY-TOKEN";
    public static final String REQUESTING_COOKIES = "using-cookies";
    public static final String REQUESTING_FORMLOGIN = "using-formlogin";
    public static final String UTF8_ENCODING = "UTF-8";
    public static final String FORWARDED_HOST_HEADER = "X-Forwarded-Host";

    /**
     * get Token from the cookie, if there is one
     * 
     * @param request
     * @return
     */
    public static String getTokenFromCookie(final HttpServletRequest request) {
        if (request.getCookies() != null) {
            for (Cookie cookie : request.getCookies()) {
                if (cookie.getName().equalsIgnoreCase(AUTH_TOKEN_HEADER)) {
                    return cookie.getValue();
                }
            }
        }
        return null;
    }

    /**
     * get local authsvc redirect
     * 
     * @param req
     * @return
     */
    public static StringBuilder getOnNodeAuthsvcRedirectURL(final HttpServletRequest req, URI endpoint) {
        if (endpoint == null) {
            return null;
        }
        URI myEndPoint = URI.create(req.getRequestURL().toString());
        return new StringBuilder(String.format("https://%s:%s",
                myEndPoint.getHost(), endpoint.getPort()));
    }

    /**
     * if matching key exists in the query string, removes it
     * 
     * @param queryString
     * @param matching
     * @return
     */
    public static String removeFromQueryString(String queryString, String matching)
            throws UnsupportedEncodingException {
        if (queryString == null) {
            return null;
        }
        StringBuffer resultQStr = new StringBuffer();
        for (String pair : queryString.split("&")) {
            int eq = pair.indexOf("=");
            String key = null;
            if (eq < 0) {
                // key with no value
                key = URLDecoder.decode(pair, UTF8_ENCODING);
            } else {
                // key=value
                key = URLDecoder.decode(pair.substring(0, eq), UTF8_ENCODING);
            }
            if (!key.equalsIgnoreCase(matching)) {
                if (resultQStr.length() > 0) {
                    resultQStr.append("&");
                }
                resultQStr.append(pair);
            }
        }
        return resultQStr.toString();
    }

    /**
     * returns true if the provided query parameter is requested
     * 
     * @param queryParam The query parameter to check on
     * @param req
     * @return true if the provided query parameter is set
     */
    public static boolean isRequestingQueryParam(final HttpServletRequest req, String queryParam) {
        if (req.getQueryString() != null && req.getQueryString().contains(queryParam)) {
            try {
                for (String pair : req.getQueryString().split("&")) {
                    int eq = pair.indexOf("=");
                    String key;
                    String value = null;
                    if (eq < 0) {
                        // key with no value
                        key = URLDecoder.decode(pair, UTF8_ENCODING);
                    } else {
                        // key=value
                        key = URLDecoder.decode(pair.substring(0, eq), UTF8_ENCODING);
                        value = URLDecoder.decode(pair.substring(eq + 1), UTF8_ENCODING);
                    }
                    if (key.equalsIgnoreCase(queryParam) &&
                            (value == null || value.equalsIgnoreCase("true"))) {
                        return true;
                    }
                }
            } catch (UnsupportedEncodingException ex) {
                _log.error("exception parsing query string", ex);
                throw APIException.badRequests.parameterIsNotValidURI(
                        URI.create(req.getQueryString()), ex);
            }
        }
        return false;
    }

    /**
     * Method that examines the HTTPServletRequest header searching for
     * the X-Forwarded-Host key. If it's found, this method will return
     * true.
     * 
     * @param req the HttpServletRequest that provides a means to lookup request
     *            header information.
     * @return returns true if the X-Forwarded-Host is set. Otherwise
     *         returns false.
     */
    public static boolean isRequestFromLoadBalancer(final HttpServletRequest req) {
        boolean result = false;
        if (req != null) {
            String lbFlag = req.getHeader(FORWARDED_HOST_HEADER);
            if (lbFlag != null) {
                result = true;
            }
        }
        return result;
    }
}